top of page
  • Writer's pictureDeborah

On May 26, European Supervisory Authorities published a Discussion Paper on DORA proposing criteria for critical ICT third-party service providers (CTPPs) and fees levied on such providers.

ICT third-party service providers are critical to financial services operations, their stability and the integrity of financial systems. A large-scale failure to provide its services would have a significant and systemic impact on financial services.

The different proposed criteria relate to:

  • Impact on provision of financial services

  • Importance of financial entities

  • Critical or important function

  • Degree of substitutability

A third-party service provider that is designated as critical will pay oversight fees, to cover expenditures arising from the conduct of oversight tasks. The Discussion Paper proposes to clarify the scope of fees and estimated expenditures.

Responses to the discussion paper were requested by 23 June 2023.

DORA was adopted on November 22, 2022 and will apply from 17 January 2025 (read our previous piece here for more information).

Recent Posts

See All

Product Corner - VAs : Quèsaco

Virtual Assets (VAs) or crypto assets refer to : “any digital representation of value that can be digitally traded, transferred or used for payment. It does not include digital representation of fiat

Upcoming Regulatory Deadlines to Watch

10 Aug 2023 - Deadline to submit comments to FCA Guidance Consultation (GC23/1) on crypto asset financial promotions. 5 Sep 2023 - Effective date of SEC Cybersecurity Risk Management, Strategy, Govern


bottom of page